cicd-goat
A deliberately vulnerable CI/CD environment with 11 challenges to learn and practice CI/CD security.
What is cicd-goat?
CI/CD Goat is a deliberately vulnerable CI/CD environment created for security education. It allows engineers and security practitioners to learn CI/CD security through a set of 11 hands-on challenges enacted against a real, full-blown CI/CD pipeline. The project helps users understand common attack vectors and the OWASP Top 10 CI/CD Security Risks in a safe, controlled setting.
Security engineers, DevOps practitioners, and developers who want to understand CI/CD security vulnerabilities and learn how to secure their pipelines. It's also suitable for security training programs and CTF enthusiasts.
Developers choose CI/CD Goat because it provides a realistic, self-contained CI/CD environment with intentional vulnerabilities, enabling practical, hands-on learning without risking production systems. Its coverage of the OWASP Top 10 CI/CD risks and integration with a CTF framework make it a comprehensive educational tool.
Overview
A deliberately vulnerable CI/CD environment. Learn CI/CD security through multiple challenges.
Use Cases
Best For
- Learning CI/CD security through hands-on challenges
Related Projects
Found a gem we're missing?
Open-Awesome is built by the community, for the community. Submit a project, suggest an awesome list, or help improve the catalog on GitHub.
